This only applies to systems that use a one-way hash method to store passwords and compare authentication hashes.
If your system requires such an update, I would do the following.
As Taimon noted, hashing is one way and you cannot extract the source text from the hash.
In my database table storing user information and password, I would include an integer Hash level field. This indicates which hash method the user is using.
When a system is added with a new hashing method, the maximum hashing level will be increased.
Say if I already have 2 hashing methods
1 MD5 2 SHA1 3 SHA256
If I add a new SHA512 hashing method, it will become
4 SHA512
Each time a user logs in, the system checks to see if the user password matches the name in the database using the identified Hashing level. There are several cases here:
- If the password hashes match, but the User Hashing level is not the highest Hashing level that the system offers, then the hash enter the user password, that is, plain text using the highest level of the hashing method and set the Hashing level from the user to the highest Hashing level. Then the user authenticates.
- If the password hashes match and the User Hash level is the highest Hash level, then the user is authenticated.
- If the password hashes do not match at all, the user is denied.
This means that whenever you update the hash level of the system, the user password is updated to the highest level at the next authentication.